Stuxnet retaliation: What if Iran isn’t bluffing?

It is no secret that Iran and others have openly blamed the United States, Britain and Israel for the Stuxnet attack that struck the Iranian nuclear enrichment program in 2010. Given the unique characteristics of this cyberattack, there is little hard evidence to support those accusations. Once again the problem of attribution comes into play, and there is no chance we will solve the attribution issue any time soon. However, that has not stopped the relentless accusations and rhetoric. Just recently the rhetoric has been taken to a new height.

The Islamic Republic is committed "to fight our enemies with abundant power in cyberspace and Internet warfare," said Brig. Gen. Gholamreza Jalali, who leads Iran’s Passive Defense Organization. Iran has a well-known reputation for attacking websites of the Mossad, FBI and others. A few months back, news started filtering out about Iran’s plan for a retaliatory strike against those behind Stuxnet. This information was reinforced when Iranian officials spoke of a new cyber soldier recruitment program to acquire the skills and capabilities of volunteer hackers and those in academia. One unconfirmed piece of information that surfaced claims the Iranian volunteer cyber soldiers may be paid up to $10,000 per month for their services, which is very lucrative income in Iran these days.

Some question the quality of this resource pool, but do we really want to take the chance? The answer to that question is easy: no. We should immediately review our cyber defenses, and our plans and capabilities to strike Iran to be prepared when and if we need to retaliate.